SNMP Quick Start Guide
About
SNMP (Simple Network Monitoring Protocol) is an application layer protocol used for monitoring devices on a network. It facilitates the monitoring of devices, such as servers, routers, switches, workstations, printers, etc. It is used for reporting statistics on packet loss, bandwidth, CPU usage, disk space, memory usage, and many more factors that affect the network performance. It is used on networks of all shapes and sizes and supported by pretty much all operating systems. SNMP is vendor-neutral and can be used from anywhere.
Enable Devices to Send SNMP Data to SevOne NMS
You will need to enable your devices to allow SevOne NMS to use the version-specific SNMP commands listed below during device discovery. The steps for enabling devices to send SNMP data can vary from one device to another, and you may need to refer to your device manufacturer's documentation for specific instructions on enabling SNMP.
Example: Can be used to enable a Cisco router to send SNMP data
router(config)# snmp-server community <YourReadCommunityStringHere> ro
router(config)# snmp-server community <YourWriteCommunityStringHere> rw
router(config)# snmp-server location <Your location here>
router(config)# snmp-server contact <yourAdmin@yourServer.com>
Enter the following command to verify the operation.
router(config)# show snmp
SNMP Commands
SNMP Version
Operation | SNMP Commands | ||
SNMPv1 | SNMPv2c | SNMPv3 | |
snmpget | SNMP_MSG_GET | SNMP_MSG_GET | SNMP_MSG_GET |
snmpset | SNMP_MSG_SET | SNMP_MSG_SET | SNMP_MSG_SET |
snmpwalk | SNMP_MSG_GETNEXT |
SNMP_MSG_GETBULK
|
SNMP_MSG_GETBULK
|
SNMP Timeouts
- Timeout: 1 second
- Retries: 5
Pre-configuration
Before you configure SNMP in SevOne NMS, the following details must be readily available.
- Port number
- Port number that SevOne NMS must use to poll SNMP data. The default port is 161.
- SNMP version
- Version of SNMP your device uses. There are currently three versions - v1, v2c, and v3.
- Read Community String (SNMPv1 and SNMPv2c)
- This is similar to password.
- When SevOne NMS sends GET-requests to a device, it uses the read-community string for authentication purposes.
- Read community strings are used in SNMPv1 and SNMPv2c.
- SNMPv3, on the other hand, uses a user name/password combination and, optionally, an encryption key.
- Write Community String (SNMPv1 and SNMPv2c)
- This is similar to the concept of a read-community string.
- When SevOne NMS sends SET-requests, the write-community string acts as a password. Although this is defined for the SNMP plugin, it is actually used by other plugins, such as IP SLA and Proxy Ping, which use SNMP SET commands to create the tests that these plugins measure.
- Username / Password (SNMPv3)
- User name and password are required for authentication purposes.
- (optional) Authentication Type (SNMPv3)
- Can choose from MD5, SHA, SHA-224, SHA-256, SHA-384, or SHA-512 for authentication.
- (optional) Encryption Type (SNMPv3)
- If you selected either a MD5 or a SHA-type as your authentication type, you can choose to use
either an AES or a DES type of encryption. For example, AES, AES192,
AES192C, AES256, AES256C, 3DES, or DES.Important: If you are upgrading from SevOne NMS 5.7.2.x to SevOne NMS 6.3 or above, no action is required for the existing devices. However, if any new Cisco device(s) are added as AES192 or AES256, you will need to add them as AES192C or AES256C respectively.
- If you selected either a MD5 or a SHA-type as your authentication type, you can choose to use
either an AES or a DES type of encryption. For example, AES, AES192,
AES192C, AES256, AES256C, 3DES, or DES.
- (optional) Encryption Key (SNMPv3)
- If you are using an AES or a DES encryption type, you will need an encryption key.
Configuration
When you specify settings cluster-wide, SevOne NMS applies the settings to all SNMP-enabled devices as a rule. Please refer to SevOne NMS System Administration Guide > section Cluster Manager > Cluster Settings tab > SNMP subtab for details.
However, if you want to apply specific settings for some of your devices, but not all, you can easily edit SNMP settings at the device level. For details on SNMP Plugin, please refer to section SNMP Plugin in SevOne NMS User Guide.
For details on SNMP Object Types and Indicator Types (Atomic / Synthetic), please refer to SevOne NMS System Administration Guide > section Object Types for details.
For details on SNMP Object Subtypes, please refer to SevOne NMS System Administration Guide > section Object Subtype Manager for details. For field Plugin, choose one of the following from the drop-down list - SNMP Poller, Deferred Data, or Process Poller.
Device types are a way of classifying devices. This method of device classification is used to determine which object types to discover for a given device. Device types are hierarchical. A device type can have child device types, and those child device types can have child device types of their own. For details, please refer to SevOne NMS System Administration Guide > section Device Types.
SNMP OIDs and MIBs
Object Identifiers (OIDs) are strings of numbers used for naming objects. For example, .1.3.6.1.2.1.1.1 is the OID of the object sysDescr. MIBs are the files that enable the raw machine generated OIDs to display in a way that is more understandable to users. SevOne NMS groups OIDs under the guise of an object. An object is defined by an index value and may have multiple OIDs. Each of these OIDs uses the object's index to resolve its values, and each OID under an object is known as an indicator.
For example, SevOne NMS conceptually creates an object outlined as follows.
Object
- Index 1
- Indicators
RFC1213-MIB::ifIndex
RFC1213-MIB::ifDescr
RFC1213-MIB::ifType
RFC1213-MIB::ifSpeed
RFC1213-MIB::ifPhysAddress
RFC1213-MIB::ifAdminStatus
RFC1213-MIB::ifOperStatus
RFC1213-MIB::ifInOctets
RFC1213-MIB::ifInDiscards
RFC1213-MIB::ifOutOctets
RFC1213-MIB::ifOutDiscards
Each interface object typically has the same definition but a different index value. This means that all interfaces to the system are closely related. SevOne NMS monitors every SNMP item that is part of an object.
Each entry in the SNMP structure is a series of numbers, such as .1.3.6.1.2.1.1.1. As you read the number, each number to the right is more specific than the number to its left. Each number to the right is thought of as a child of the number to its left. A string of such numbers is known as an OID because it defines a unique identifier for a particular thing, or object.
MIBs define textual names for OIDs. Manufacturers tend to have their own MIBs to describe specific things about their systems.
For details on SNMP OID Browser, please refer to SevOne NMS System Administration Guide > section SNMP OID Browser for details
The Management Information Base (MIB) is a hierarchical database shared between the SNMP agent and the SNMP manager. It contains managed objects for devices, and OIDs are used to uniquely identify each object in the MIB. The MIB Manager enables you to view MIB details and to add MIBs. Please refer to section MIB Manager in SevOne NMS System Administration Guide.
SNMP Traps
An SNMP trap is a notification indicating events or changes in status, such as power outages, authentication failures, cold starts, warm starts, interface status, and voltage changes, for example. SNMP traps enable a device to send information. Traps include events, such as when a new interface is added or a device is restarted. Trap events enable you to assign real meaning to SNMP traps. SevOne NMS provides several common trap events. The Trap Event Editor lets you define trap events specific to your environment.
Please refer to the following sections in SevOne NMS System Administration Guide for details.
- Logged Traps
- Unknown Traps
- Trap Event Editor
- Trap Destinations
- Trap Destination Associations
Additional Information about SNMP
SNMP as seen by SevOne NMS
SevOne SNMP Scripting (S3) is a scripting language developed by SevOne to enable the SNMP plugin to discover complex SNMP objects. The primary purpose of S3 is to describe an SNMP OID in relation to other SNMP OIDs. S3 creates text that relates to and is based on OIDs in order to create more user-friendly SNMP object names and descriptions. S3 also relates OIDs to each other via logical and mathematical expressions to store the resultant values for later use, such as to cross-reference OIDs across a device SNMP tree and to gather descriptive information about a particular object.
The SNMP plugin uses S3 to do the following:
- Define an object name.
- Define an object description.
- Define an object type.
- Determine which objects to include.
- Define an indicator.
SNMP Object Naming Process
The SNMP plugin uses the following scoring formula to name a newly discovered object.
Assume that the best score to begin is 0.
- Go through all of the objects for the device.
- If the existing object’s object type is the wrong name, skip.
- The best possible score is 5.
- Assume that the new object description is valid.
- If the new object description is the same as the object type name, then the object description is no good.
- If two things that the SNMP plugin already found have the object description, then the object description is no good.
- Assume that the old description is valid.
- If the existing object description is the same as the object type name, then the object description is no good.
- If two existing objects already have that object description, then the
object description is no good.
If either object description is no good, then the best possible score is now 4.
The current score is 0.
- If the object names are the same, then increase the current score by 3.
- Otherwise, if the new object description is good and the existing object name is the same as the new object description, then increase the current score by 1.
- If both object descriptions are good and the same, then increase the score by 1.
- Otherwise, if the existing object description is good and the existing object description is the same as the new object name, then increase the current score by 1.
- If the SNMP indexes are the same, then increase the current score by 1.
- If the score is at least 2, and the score is better than the best score so far, consider the objects the same.
Human breakdown
// Scoring analysis.
//
// Possible scores: / Current name matches existing name. [+3]
// 3,1,0 | Current description is good.
// \ Current description matches existing name. [+1]
//
// Possible scores: / Existing description is good.
// 1,0 | Current description is good.
// | Existing description matches current description. [+1]
// \ Existing description matches current name. [+1]
//
// Possible scores: / Current index matches existing index. [+1]
// 1,0 \
//
// So, when are things the same?
// 1. The names are the same.
// 2. The description (if good) matches an existing name AND the descriptions (if good) are the same.
// 3. The description (if good) matches an existing name AND the name is matches an existing description (if good).
// 4. The description (if good) matches an existing name AND the indexes are the same.
// 5. The name is matches an existing description (if good) AND the indexes are the same.
Example
All objects belong to the Interfaces object type.
Each port is an object.
Object Name | Object Description | SNMP Index | Note | Score |
Eth0 | Internet Access | 1 | Existing object with poll data | n/a |
Eth1 | Interface | 2 | Existing object with poll data | n/a |
Eth2 | Site One | 3 | Existing object with poll data | n/a |
Eth3 | Back Link | 4 | Existing object with poll data | n/a |
You rename the ports on the router. Upon rediscovery, the SNMP plugin continues to poll the objects with no change or data loss as long as you do not change the object description or the SNMP index.
Object Name | Object Description | SNMP Index | Note | Score |
Ethernet0 | Internet Access | 1 | No data lost, polled as if it were still Eth0 | x |
Ethernet1 | Interface | 2 | No data lost, polled as if it were still Eth1 | x |
Ethernet2 | Site One | 3 | No data lost, polled as if it were still Eth2 | x |
Ethernet3 | Back Link | 4 | No data lost, polled as if it were still Eth3 | x |
You remove the first card from the router. The router automatically renames each port. Upon rediscovery, the SNMP plugin continues to poll the objects with no change or data loss as long as you do not change the description or the index.
Object Name | Object Description | SNMP Index | Note | Score |
Ethernet0 | Internet Access | 1 | Data stored for the number of Days Until Delete setting in the Cluster Manager | x |
Ethernet1 | Interface | 2 | Data stored for the number of Days Until Delete setting in the Cluster Manager | x |
Ethernet0 | Site One | 3 | No data lost, polled as if it were still Ethernet2 | x |
Ethernet1 | Back Link | 4 | No data lost, polled as if it were still Ethernet3 | x |
You add the card back to the router within the number of Days Until Delete setting in the Cluster Manager. The router automatically changes the object name.
Object Name | Object Description | SNMP Index | Note | Score |
Ethernet0 | Internet Access | 1 | Data gap for when the card was removed but otherwise no data lost, polled as if it were still Ethernet0 | x |
Ethernet1 | Interface | 2 | Data gap for when the card was removed but otherwise no data lost, polled as if it were still Ethernet1 | x |
Ethernet2 | Site One | 3 | No data lost, polled as if it were still Ethernet0 from previous discovery. | x |
Ethernet3 | Back Link | 4 | No data lost, polled as if it were still Ethernet1 from previous discovery. | x |
You decide to rename port four and change its description.
Object Name | Object Description | SNMP Index | Note | Score |
Ethernet0 | Internet Access | 1 | No data lost, polled as if it were still Ethernet0 from previous discovery. | x |
Ethernet1 | Interface | 2 | No data lost, polled as if it were still Ethernet1 from previous discovery. | x |
Ethernet2 | Site One | 3 | No data lost, polled as if it were still Ethernet2 from previous discovery. | x |
Eth3 | Site Three | 4 |
New object created and new poll data collected. Existing data stored for the number of Days Until Delete setting in the Cluster Manager. |
x |
Anatomy of SNMP Data
At a very high level, SevOne NMS groups each SNMP object by an SNMP object type. Each object has indicators that are grouped by indicator type. SNMP objects are composed of OIDs which, in turn, break down into MIBs.
How OIDs Are Indexed
Device manufacturers name SNMP OIDs using a series of numbers. For example, the OID sysDescr is .1.3.6.1.2.1.1.1. Everything that comes after a named OID is the OID index. System-wide information is usually denoted as .0 information. The .0 generally means there is only one instance of the OID. For example, the sysDescr index is always .0. The OID ifDescr is indexed by a single number that is not 0. For example, the description of an Ethernet card in a server might be ifDescr.3. There is no limit to the count of numbers that follow an OID. Some manufacturers use integer indexes that have a constant amount of numbers following each OID, and some manufacturers use string indexes for readability. A string index represents a piece of text (the string) as a series of characters where each character is represented as its ASCII value. String indexes are sometimes prefixed with the length of the string.
Index Types
Index | Description | Example |
---|---|---|
Integer | A single number of any size. | Can be a simple integer, such as 7, which could be used for an interface index. |
String (with length) | A string of text, prefixed with the number of characters and followed by the ASCII value of each character. | Text CPU has 3 characters. It is 3.<ASCII value of each character>. i.e., 3.67.80.85. |
String (with no length) | A string where the length is not prefixed. | Text CPU in ASCII values without the number of characters will be 67.80.85. |
Number (with length) | A string index where the numbers do not have an ASCII meaning. | The IP address 4.192.158.0.1 includes its length (4) before the octets. |
Number (with no length) | A string index with no length and where the numbers do not have an ASCII meaning. | The IP address 192.158.0.1 appears as a series of integer indexes and contains no information about its length. |
How S3 Handles SNMP
S3 uses the full numeric OID representation (starting with .1) to remove the dependency on the MIBs and to remove potential ambiguity of the OID. This makes the object definition fully portable to another system because different MIBs can arbitrarily redefine OIDs.
Another S3 feature is that white space characters such as spaces, tabs, and new line characters are optional and exist for readability. All of the following are equivalent:
- 7+9
- 7 + 9
- 7
+9
- 7
+
9
Scripts
An S3 script is a sequential evaluation of one or many statements. Each statement is executed in sequence. The only logic provided by S3 comes from flavors of the ternary operator, which acts like an IF statement.The final result of the script is the result of the final statement in the script.
Examples
Example 1:
Statement 1
Example 2:
1. Statement 1
2. Statement 2
3. Statement 3
Statements
A statement is the atomic unit of a script. A statement can assign a value to a variable, or a statement can be an expression that evaluates to some value. Each statement evaluates to some value upon execution. For example, in the case of a variable assignment, the value of the statement is the value of the variable.
Statements are lists of expressions. Expression chains may be very complex and long. All S3 statements must end in a semicolon (;). The last statement in a script may omit the semicolon.
Simple statement:
Expression ;
List statement where the final value is the concatenation of both expressions:
Expression 1 Expression 2 ;
Expressions
An expression is the atomic unit of a statement. S3 is an OID-evaluation language and a text-creation language. Multiple expressions can lie next to each other, and their results are concatenated together. This differs from more logical and mathematical languages.
Example: 1 + 2 3 + 4
- In C, there needs to be a joining operation between the 2 and the 3 because they are considered two disjointed expressions–which would result in a syntax error.
- In S3, this is seen as two separate expressions next to each other: 1 + 2 and 3 + 4. The result of the statement is 37. The white space does not matter unless it is enclosed in quotes.
An expression is anything that evaluates to a value. This value does not have to be numeric. A piece of text evaluates to itself. An expression might be the number 7, the word Hello, or a complex mathematical formula. Expressions can be chains of symbols and operators as long as the entire expression evaluates to a single value.
- Number
7
- String:
'Hello'
- Complex Formula:
( ( 1 + 2 ) / 12 + 34 ) * 10
- Variable or OID that evaluates to a number or
string:
[INDEX]
.1.3.6.1.2.1.1.1.0
- Multiple grouped expressions (enclosed within parentheses) concatenated
together:
( 7 'Hello' ( ( 1 + 2 ) / 12 + 34 ) * 10 [INDEX] .1.3.6.1.2.1.1.1.0 )
Variables
Variables are evaluated as OIDs to store the value of an expression. S3 has two types of variables: scalars and vectors.
- Scalar - Anything that is a single number or some text.
- Vector - An array of things. Vectors in S3 are different from vectors in normal scripting languages. In S3, vectors are geared toward OIDs because an individual OID is represented as .<number> and a full OID is a series of .<numbers>s one after another. S3 breaks down variables into vectors by the . character.
A variable is a name surrounded by square brackets. Variable names consist of the following characters: a-z, A-Z, 0-9, and - .
[Variable Name]
A variable assignment is an expression. The evaluation of the assignment is the new variable value. A variable assignment uses the = operator.
[Variable name] = Expression
S3 uses the following conventions to differentiate SevOne system variables from user variables. This prevents user variables from overwriting system variables. There is no rule to enforce this.
- SevOne system variables use capital letters and underscores for spaces.
[MY_VARIABLE]
- User variables use lowercase letters, a capital letter in the next word, and no underscore for
spaces.
[myVariable]
S3 can treat and evaluate variables as OIDs. Each variable must be declared before use. There is no special declaration syntax, but a variable must have an assigned value before being used in an expression. Both scalar variables and vector variables are evaluated and inserted raw into the expression.
S3 does nothing special to scalar variables when scalar variables are evaluated.
When a vector variable is evaluated, each of the vector variable's components is written and separated by . . Elements in vector variables are zero-indexed numerically. The first element starts at 0, and the second starts at 1, etc. To access a particular element of a vector variable, surround the element index in curly braces after the variable.
[Variable
Name ]{Index number
}
A variable cannot be used as an index number. The index number must be an actual number.
Each element in a vector variable is usually a scalar variable. However, there are exceptions when an element in a vector variable is another vector variable.
Some variables should not be evaluated as an OID. Enclose the variable in backticks (`) to prevent the variable from being evaluated as an OID. If a variable simply contains a number, the variable is treated as a normal number if not backticked. However, it is always safe to backtick a variable to prevent improper evaluation. Text evaluates to itself. Text is considered anything enclosed in quotes. Backticks may be in a single quoted string, and that single quote string may be in a backtick quoted string.
- Single quotes (') - Single quotes are used for raw text. The content of the text is not
processed in any way, for example,
'Anything here'.
- Backticks (`) - Backticks are used for variable interpolation. Any variables present in the text
is evaluated, for example,
`Anything here, including variables`.
S3 OID Handling
OIDs are evaluated. Anything that is not text, a variable, an operator, a normal number, or otherwise a special symbol is considered an OID. When an OID is evaluated, it evaluates to the value of the OID on the current device. If the OID is not present on the device, the OID, followed by the default SNMP index, is used instead. If the OID cannot be evaluated, it evaluates to the empty string.
it is critical to note here that a variable without backticks around it is treated exactly as it would be if the value of the variable were to be used instead. This means that a variable that contains a string representation of an OID is evaluated as that OID when it is encountered.
The following example might not work as anticipated.
1 [test] = 'test';
2 [test1] = [test] 1;
You might expect the value of [test1] to be test1. However, since [test] is not backticked, it is treated as if the text test were present. As such, S3 tries to get the value of the OID whose name is test. Since there is not one, it returns the empty string. This means that the final value is actually 1.
The proper way to do this is:
1 [test] = 'test';
2 [test1] = `[test]` 1;
This example backticks the variable to prevent it from being evaluated as an OID.
Indexing
When an OID is encountered, S3 tries to evaluate it. If S3 cannot evaluate the OID, then S3 adds the value of the default index to the OID, which for SNMP discovery is [INDEX]. If S3 still cannot evaluate the OID, then the OID evaluates to the empty string. This allows for human-readable and human-understandable definitions of objects and indicators. However, it also results in the loss of stringent definitions.
If an OID already has .[INDEX] appended to it, then the OID saves S3 the step.
Symbols
Symbols are special tokens (characters or collections of characters) that have a special function in S3.
Grouping
Parentheses group expressions to define the sequence that they should be evaluated in. This is commonly used in mathematical applications.
Example
1 + 2 * 3
(which is 7)
Is not the same as:
( 1 + 2 ) * 3
(which is 9).
Parentheses can change two expressions into one expression.
Example:
( 1 + 2 3 + 4 )
Evaluates to the single value 37, which could be used by further expressions.
Operators
Operators are any symbols that act on an expression. There are three types of operators:
- Unary operators - act on one value only (for example, Not).
- Binary operators - act on two values (for example, Addition).
- Ternary operators - act on three values (for example, ... ? ... : ... is a ternary operator in C).
Math
The common mathematical operators are applied with the usual precedence. Mathematical operators have full floating point support.
Multiplication (Standard multiplication)
Left expression * Right expression
Division (Standard division)
Left expression / Right expression
Addition (Standard addition)
Left expression + Right expression
Subtraction (Standard subtraction)
Left expression - Right expression
Comparison
Comparison operators compare two expressions that return 1 if the comparison is true or 0 if the comparison is false.
Equal to, Boolean == returns 1 if the left and right side are equal.
Left expression == Right expression
Not equal to, Boolean != returns 1 if the left and right side are not equal.
Left expression != Right expression
Less than, Boolean < returns 1 if the left side is less than the right side.
Left expression < Right expression
Less than or equal to, Boolean <= returns 1 if the left side is less than or equal to the right side.
Left expression <= Right expression
Greater than, Boolean > returns 1 if the left side is greater than the right side.
Left expression > Right expression
Greater than or equal to, Boolean >= returns 1 if the left side is greater than or equal to the right side.
Left expression >= Right expression
Logic
Logical operators generally perform true/false operations. S3 uses the following logical operators.
Binary
Binary logical operators operate on two expressions.
Logical AND, Boolean && returns 1 if the left and right side evaluate to true. Otherwise, it returns 0.
Left expression && Right expression
Logical OR, Boolean || returns 1 if the left side evaluates to true, the right side evaluates to true, or both evaluate to true. Otherwise, it returns 0.
Left expression || Right expression
Bamboo, ||| is actually a shortcut for a particularly common case of the ?? ternary operator. It returns the value on the left if it is set. Otherwise, it returns the value on the right regardless of its value.
Left expression ||| Right expression
This is equivalent to the following:
Left expression ?? Left expression : Right expression
Ternary
Ternary logical operators operate on three expressions. S3 has two ternary operators.
Logical ternary operator, ? evaluates the left expression for a test that is greater than 0 (numerically) or for a string that has length and is not 0. Otherwise, it evaluates the right expression. For this reason, the test is usually a logical Boolean expression that returns 0 or 1, guaranteed.
test ? Left expression : Right expression
Existential ternary operator, ?? evaluates the left expression for a test that has a value that is not the empty string. Otherwise, it evaluates the right expression.
test ?? Left expression : Right expression
test ?? test : Right expression
is equivalent to:
test |||
Right expression
Count
The result of a walk, #count walks the specified OID and returns the count of the occurrences of an OID. This does not resolve the OID in the manner that other naked OIDs are resolved to get the OID value. This #count resolves the OID count immediately. This differs from the way that an OID is resolved via an OID walk.
Example
To count the number of CPUs on a Linux device to determine what the maximum CPU utilization could be: net-snmp returns up to 800% utilization for a box with eight CPUs.
#count OID
Example:
#count .1.3.6.1.2.1.25.3.3.1.2
Can evaluate to 8.
Conversion
Since OIDs may be indexed by numbers, strings, or variably-sized components, S3 uses conversion operators that operate on a single expression.
Conversion to OID
OID-to-ASCII-string (with length), $s converts the expression to an ASCII string.
$s Expression
The expression should be an OID with the following format:
n.ASCII 1.ASCII 2.....ASCII n
Example:
$s '5.72.101.108.108.111'
Evaluates to Hello.
OID-to-ASCII-string (no length), $S converts the expression to an ASCII string.
$S Expression
The expression should be an OID with the following format:
ASCII 1.ASCII 2
Example:
$S '72.101.108.108.111'
Evaluates to Hello.
OID-to-numbers (with length), $v converts the expression to a string.
$v Expression
The expression should be an OID with the following format:
n.Number 1.Number 2.....Number n
Example:
$v '4.192.168.0.1'
Evaluates to 192.168.0.1.
OID-to-numbers (no length), $V Identity operation. The value should be the same as the expression.
$V Expression
This converts the expression to a string. The expression should be an OID with the following format:
Number 1.Number 2.
Example:
$V '192.168.0.1'
Evaluates to 192.168.0.1.
Conversion to OID
String-to-OID (with length), #s converts the expression to an OID with the length prefixed. The expression should be ASCII text.
#s Expression
Example:
#s 'Hello'
Evaluates to 5.72.101.108.108.111.
String-to-OID (no length), $s converts the expression to a string with no length information. The expression should be ASCII text.
#S Expression
Example:
#S 'Hello'
Evaluates to 72.101.108.108.111.
Numbers-to-OID (with length), #v converts the expression to an OID with the length prefixed. The expression should be text consisting of numbers separated by the use of . .
#v Expression
Example:
#v '192.168.0.1'
Evaluates to 4.192.168.0.1.
Numbers-to-OID (no length), #V Identity operation. The value should be the same, as the expression converts the expression to an OID with no length information. The expression should be text consisting of numbers separated by the use of . .
#V Expression
Example:
#V '192.168.0.1'
Evaluates to 192.168.0.1.
Grouping
Parameters to the conversion operators should be enclosed in parentheses to avoid confusion.
To get the OID index representation of the text 37 (which is 2.51.55), you can try:
#s 1 + 2 3 + 4
However, the #s only applies to the 1 which yields 1.49. (49 is ASCII for 1). The value of that is added to 2 (1.49 + 2 = 3.49), which is then concatenated with 7 (to yield 3.497). You must use parentheses:
#s ( 1 + 2 3 + 4 )
Evaluates to 2.51.55 (which, as a string, is 37).
Precedence
The precedence of operators and symbols is as follows. When given the choice (that is, when parentheses are not used), S3 evaluates operations in the following sequence.
The normal mathematical operator precedence (* / + -) is preserved in this list.
- 'text' `text`
- ()
- #s #S #v #V $s $S $v $V
- * /
- + -
- == != > >= < <=
- &&
- ||
- |||
- :
- ? ??
- =
Variable Assignment Example
The following examples assign the proper values to variables. The name of each variable matches its value.
- [one] = 1;
- [two] = 1 + 1;
- [two] = `[one]` + `[one]` - 1 + 1;
- [ten] = ( 2 + 1 ) * 3 + 1;
The following example sets all three variables equal to 12.
1 [x] = [y] = [z] = 12;
Logic
The following examples demonstrate Boolean logic.
- [bothXandY] = `[x]` && `[y]`;
- [eitherXorYorBoth] = `[x]` || `[y]`;
- [eitherXorY] = ( `[x]` && (`[y]` ? 0 : 1) ) || ( `[y]` && (`[x]` ? 0 : 1) );
- [notX] = `[x]` ? 0 : 1;
The following example selects the value of ifName
if it is present.
Otherwise, it selects the he value of ifDescr
.
[bamboo] = ifName ||| ifDescr;
The following examples demonstrate the use of the ternary operator.
- [sevenOrEight1] = `[x]` ? 7 : 8;
- [sevenOrEight2] = `[x]` ? 6 + 1 : 2 * 2 + 4;
Conversion
The following examples convert the text CPU into an OID index. The ASCII values for the individual letters are C=67, P=80, and U=85.
#s 'CPU'
The result of this is 3.67.80.85 (includes a length prefix).
#S 'CPU'
The result of this is 67.80.85 (no length prefix).
The following examples convert the specified OID indexes into strings.
$s '3.67.80.85'
The result of this is CPU.
$S '67.80.85'
The result of this is also CPU.
Examples
VACM Entry
The Net-SNMP agent supports the NET-SNMP-VACM-MIB, which provides some information about Net-SNMP's View Access Control Model (VACM).
The following is a sample walk of nsVacmAccessEntry
(.1.3.6.1.4.1.8072.1.9.1.1)
NET-SNMP-VACM-MIB::nsVacmContextMatch."grpcomm1"."".0.noAuthNoPriv."read"
= INTEGER: prefix(2)
NET-SNMP-VACM-MIB::nsVacmContextMatch."grpcomm1"."".0.noAuthNoPriv."write"
= INTEGER: prefix(2)
NET-SNMP-VACM-MIB::nsVacmContextMatch."grpcomm1"."".0.noAuthNoPriv."notify"
= INTEGER: prefix(2)
NET-SNMP-VACM-MIB::nsVacmContextMatch."grpsnmpUser"."".3.authNoPriv."read"
= INTEGER: prefix(2)
NET-SNMP-VACM-MIB::nsVacmContextMatch."grpsnmpUser"."".3.authNoPriv."write"
= INTEGER: prefix(2)
NET-SNMP-VACM-MIB::nsVacmContextMatch."grpsnmpUser"."".3.authNoPriv."notify"
= INTEGER: prefix(2)
NET-SNMP-VACM-MIB::nsVacmViewName."grpcomm1"."".0.noAuthNoPriv."read"
= STRING: all
NET-SNMP-VACM-MIB::nsVacmViewName."grpcomm1"."".0.noAuthNoPriv."write"
= STRING: none
NET-SNMP-VACM-MIB::nsVacmViewName."grpcomm1"."".0.noAuthNoPriv."notify"
= STRING: none
NET-SNMP-VACM-MIB::nsVacmViewName."grpsnmpUser"."".3.authNoPriv."read"
= STRING: all
NET-SNMP-VACM-MIB::nsVacmViewName."grpsnmpUser"."".3.authNoPriv."write"
= STRING: all
NET-SNMP-VACM-MIB::nsVacmViewName."grpsnmpUser"."".3.authNoPriv."notify"
= STRING: all
NET-SNMP-VACM-MIB::nsVacmStorageType."grpcomm1"."".0.noAuthNoPriv."read"
= INTEGER: permanent(4)
NET-SNMP-VACM-MIB::nsVacmStorageType."grpcomm1"."".0.noAuthNoPriv."write"
= INTEGER: permanent(4)
NET-SNMP-VACM-MIB::nsVacmStorageType."grpcomm1"."".0.noAuthNoPriv."notify"
= INTEGER: permanent(4)
NET-SNMP-VACM-MIB::nsVacmStorageType."grpsnmpUser"."".3.authNoPriv."read"
= INTEGER: permanent(4)
NET-SNMP-VACM-MIB::nsVacmStorageType."grpsnmpUser"."".3.authNoPriv."write"
= INTEGER: permanent(4)
NET-SNMP-VACM-MIB::nsVacmStorageType."grpsnmpUser"."".3.authNoPriv."notify"
= INTEGER: permanent(4)
NET-SNMP-VACM-MIB::nsVacmStatus."grpcomm1"."".0.noAuthNoPriv."read"
= INTEGER: active(1)
NET-SNMP-VACM-MIB::nsVacmStatus."grpcomm1"."".0.noAuthNoPriv."write"
= INTEGER: active(1)
NET-SNMP-VACM-MIB::nsVacmStatus."grpcomm1"."".0.noAuthNoPriv."notify"
= INTEGER: active(1)
NET-SNMP-VACM-MIB::nsVacmStatus."grpsnmpUser"."".3.authNoPriv."read"
= INTEGER: active(1)
NET-SNMP-VACM-MIB::nsVacmStatus."grpsnmpUser"."".3.authNoPriv."write"
= INTEGER: active(1)
NET-SNMP-VACM-MIB::nsVacmStatus."grpsnmpUser"."".3.authNoPriv."notify"
= INTEGER: active(1)
with Numeric OIDs
.1.3.6.1.4.1.8072.1.9.1.1.2.8.103.114.112.99.111.109.109.49.0.0.1.4.114.101.97.100
= INTEGER: prefix(2)
.1.3.6.1.4.1.8072.1.9.1.1.2.8.103.114.112.99.111.109.109.49.0.0.1.5.119.114.105.116.101
= INTEGER: prefix(2)
.1.3.6.1.4.1.8072.1.9.1.1.2.8.103.114.112.99.111.109.109.49.0.0.1.6.110.111.116.105.102.121
= INTEGER: prefix(2)
.1.3.6.1.4.1.8072.1.9.1.1.2.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.4.114.101.97.100
= INTEGER: prefix(2)
.1.3.6.1.4.1.8072.1.9.1.1.2.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.5.119.114.105.116.101
= INTEGER: prefix(2)
.1.3.6.1.4.1.8072.1.9.1.1.2.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.6.110.111.116.105.102.121
= INTEGER: prefix(2)
.1.3.6.1.4.1.8072.1.9.1.1.3.8.103.114.112.99.111.109.109.49.0.0.1.4.114.101.97.100
= STRING: all
.1.3.6.1.4.1.8072.1.9.1.1.3.8.103.114.112.99.111.109.109.49.0.0.1.5.119.114.105.116.101
= STRING: none
.1.3.6.1.4.1.8072.1.9.1.1.3.8.103.114.112.99.111.109.109.49.0.0.1.6.110.111.116.105.102.121
= STRING: none
.1.3.6.1.4.1.8072.1.9.1.1.3.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.4.114.101.97.100
= STRING: all
.1.3.6.1.4.1.8072.1.9.1.1.3.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.5.119.114.105.116.101
= STRING: all
.1.3.6.1.4.1.8072.1.9.1.1.3.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.6.110.111.116.105.102.121
= STRING: all
.1.3.6.1.4.1.8072.1.9.1.1.4.8.103.114.112.99.111.109.109.49.0.0.1.4.114.101.97.100
= INTEGER: permanent(4)
.1.3.6.1.4.1.8072.1.9.1.1.4.8.103.114.112.99.111.109.109.49.0.0.1.5.119.114.105.116.101
= INTEGER: permanent(4)
.1.3.6.1.4.1.8072.1.9.1.1.4.8.103.114.112.99.111.109.109.49.0.0.1.6.110.111.116.105.102.121
= INTEGER: permanent(4)
.1.3.6.1.4.1.8072.1.9.1.1.4.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.4.114.101.97.100
= INTEGER: permanent(4)
.1.3.6.1.4.1.8072.1.9.1.1.4.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.5.119.114.105.116.101
= INTEGER: permanent(4)
.1.3.6.1.4.1.8072.1.9.1.1.4.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.6.110.111.116.105.102.121
= INTEGER: permanent(4)
.1.3.6.1.4.1.8072.1.9.1.1.5.8.103.114.112.99.111.109.109.49.0.0.1.4.114.101.97.100
= INTEGER: active(1)
.1.3.6.1.4.1.8072.1.9.1.1.5.8.103.114.112.99.111.109.109.49.0.0.1.5.119.114.105.116.101
= INTEGER: active(1)
.1.3.6.1.4.1.8072.1.9.1.1.5.8.103.114.112.99.111.109.109.49.0.0.1.6.110.111.116.105.102.121
= INTEGER: active(1)
.1.3.6.1.4.1.8072.1.9.1.1.5.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.4.114.101.97.100
= INTEGER: active(1)
.1.3.6.1.4.1.8072.1.9.1.1.5.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.5.119.114.105.116.101
= INTEGER: active(1)
.1.3.6.1.4.1.8072.1.9.1.1.5.11.103.114.112.115.110.109.112.85.115.101.114.0.3.2.6.110.111.116.105.102.121
= INTEGER: active(1)
Indexing
S3 has two options to properly index entries:
- S3 can choose a variable-length index (with no length prefix). However, this provides S3 no insight as to the components of the index. There are no OIDs available to determine a proper name for any of the entries to enter into the system as objects.
- S3 can explicitly define each index component, which allows S3 to reference each component individually to properly name objects.
The index is composed of the following types of fields.
Example
"grpcomm1"."".0.noAuthNoPriv."read"
- String (for example, grpcomm1) - According to the MIB, this is the name of the group for this entry.
- String (for example, "") - According to the MIB, this is the prefix that a name must match to gain access rights.
- Integer (for example, 0) - According to the MIB, this is the security model in use. This roughly corresponds with the SNMP version (where 0 = any).
- Integer (for example, noAuthNoPriv, which is, 1) - According to the MIB, this is the minimum level of security required to gain access rights.
- String (for example, read) - According to the MIB, this is the type of processing to apply the specified view to.
S3 has the following information:
- [INDEX] is 8.103.114.112.99.111.109.109.49.0.0.1.4.114.101.97.100.
- [INDEX]{0} is 8.103.114.112.99.111.109.109.49.
- [INDEX]{1} is 0.
- [INDEX]{2} is 0.
- [INDEX]{3} is 1.
- [INDEX]{4} is 4.114.101.97.100.
Naming
S3 uses the following information to name an object for a VACM entry.
Group group name [ matching prefix ] using {any version|security model } with security level , providing processing
S3, revision 1
The security level is an enumeration. S3 creates a variable with the appropriate textual representation for its value.
Necessary S3:
- [securityLevel] = ( `[INDEX]{3}` == 1 ? 'noAuthNoPriv' : ( `[INDEX]{3}` == 2
- ? 'authNoPriv' : ( `[INDEX]{3}` == 3 ? 'authPriv' : '(unknown)' ) ) );
Name:
- 'Group '( $s `[INDEX]{0}` )( ($s `[INDEX]{1}`) ?? (' matching '($s `[INDEX]{1}`)) : '')
- 'using'( `[INDEX]{2}` ? `v[INDEX]{2}` : 'any version' )` with [securityLevel], providing`
- ( $s `[INDEX]{4}` )
Evaluates to:
Group grpcomm1 uses any version with noAuthNoPriv, providing read
S3, revision 2
The first Name S3 is too long and is not very readable. In the second revision, S3 assigns various parts of the name to variables and links the names at the end.
Necessary S3:
- [groupName] = ( $s `[INDEX]{0}` );
- [matchText] = ( ($s `[INDEX]{1}`) ?? (' matching '($s `[INDEX]{1}`)) : '' );
- [versionText] = ( `[INDEX]{2}` ? `v[INDEX]{2}` : 'any version' );
- [securityLevel] = ( `[INDEX]{3}` == 1 ? 'noAuthNoPriv' : ( `[INDEX]{3}` == 2 ? 'authNoPriv' :
- ( `[INDEX]{3}` == 3 ? 'authPriv' : '(unknown)' ) ) );
- [processingText] = ( $s `[INDEX]{4}` );
Name:
`Group [groupName][matchText] using [versionText] with [securityLevel], providing
[processingText]`
Evaluates to:
Group grpcomm1 using any version with noAuthNoPriv, providing read
The end result is the same, but the name is easier to read and understand. The difference is that each component S3 is broken up into separate variables. This allows the name to be a single interpolated string.
Context
S3 evaluates OIDs. Evaluation must take place in the context of a certain SNMP agent.
S3 is used at the SNMP discover time for a particular device. All S3 statements are executed in the context of that device. This means that every time an OID is encountered, the device is queried for its value, and that value is returned to the S3 statement.
Object Context
The main purpose of S3 is to define ways to describe specific objects from a generic set of rules. As the SNMP discover script goes through the possible object types, it generates a list of individual object indexes for each object type. The rules for that object type are applied to each index that it encounters in order to generate a unique object per index.
The following SNMP Object Editor fields are evaluated, in order, for each object.
- Variables
- A mini S3 script generates variables for later use.
- Variables generated:
- (Any present)
- Subtype expression
- Determines the subtype of the object.
- Variables generated:
- [TYPE]: The numerical value of the subtype (if any).
- [TYPE NAME]: The name of the subtype (if any).
- [TYPE DESCRIPTION]: The description of the subtype (if any).
- Assert expression
- Skipped if an object does not pass the assert expression.
- Should not define any variables.
- Name expression
- Uniquely identifies an object across the SNMP plugin for the device in question.
- Should not define any variables.
- Description expression
- Should provide an informative description of the object. If it is not set, then use the object type.
- Should not define any variables.
Before any evaluation happens, the [INDEX] variable is set to the SNMP index of the current object. This is a vector variable. Each index in the vector corresponds with each specific index key defined for this object type. Each of those could also be a vector. Because of the sequence that the system variables are generated in, S3 generates an error if a variable is used before it is generated.
Indicator Context
The Expression field in the SNMP Indicator Editor for a particular indicator is also an S3 expression. Indicators should not set variables. The Maximum Value Expression field is also an S3 expression.
An indicator expression and maximum value expression can use any of the variables defined above for the object, including any user-defined variables in the Variables field.
This enables an indicator definition to get around any strange indexing (including out-of-order indexing) by using S3 to assemble the OID to poll as necessary.
Synthetic Indicators
Indicator expressions are unique because they are handled in a two-pass system. The SNMP plugin does not implement S3. It implements a simple mathematical library. Any OIDs present in the data that is passed to the poller must be fully expanded with their index information. To accomplish this, two passes are used on the indicator expression.
The text-conversion functions of S3 does not work in either pass.
First Pass
The first pass is an expansion pass. It expands any OID encountered by adding the full index value to the end of it. This is equivalent to having every OID end in .[INDEX]. The result of this pass is saved and no real values should be generated.
Second Pass
The second pass then evaluates (normally) the results of the first pass. If this pass results in a numeric value, then the indicator is presumed to exist. The results of the first pass are stored for use by the poller.
it is important to use standard mathematical expressions (and not the extra S3 operations) to perform indicator expressions. These expressions must conform to normal mathematical rules (for example, you cannot have two expressions next to each other with no joining operator). These expressions may include the following operators:
/ + -
And the following grouping symbols:
( )
To have every interface report, as an indicator, the total number of interfaces on the device (multiplied by 10), the following indicator expression does not work:
ifNumber.0 * 10
ifNumber.0 is expanded with the default index, which in this case could be .2, for example (yielding ifNumber.0.2, which is not the desired outcome):
ifNumber.0.2 * 10
However, the following tricks the system into accepting the OID:
`ifNumber.0` * 10
This yields:
ifNumber.0 * 10
This is the desired outcome.
Summary of the Two-Pass System
- Pass 1
- OIDs are expanded.
- Text is unquoted.
- Pass 2
- Pass 1 is evaluated.
ASCII Table
The following lists the first 128 ASCII values and the corresponding character value for each.
Troubleshooting
Below are a few tips for troubleshooting SNMP-related issues. It is a good idea to start with the basics. Depending on the nature of your problem, you may want to confirm that your device is up and you are able to ping it.
Unable to see Interfaces?
If you are having trouble seeing an interface, it is possible that SevOne NMS is not able to SNMP walk the device due to an incorrect community string. Perform the following steps to verify that the SNMP community strings for the device are correct.
- Select Device Manager from Devices drop-down.
- Select the the device in question and click to display the Edit Device page.
- In the SNMP plugin section, verify that the community string and SNMP version are correct.
-
If both are correct, log on to the device and enter the following command to walk the device.
snmpwalk -v<version> -c<community string> <ip address>
- If the command fails, then SevOne NMS cannot SNMP walk the device. Try to walk the device from another location to ensure that the device is properly configured.
Common reasons for not being able to SNMP walk a device include the following.
- Routing - there is no route from SevOne NMS to the device.
- Firewall - a router between SevOne NMS and the device is blocking SNMP traffic.
Not Receiving Alerts?
SevOne NMS collects all traps and provides a collection of common trap events. Traps that have a corresponding trap event appear on the Logged Traps page. Traps that do not have a corresponding trap event appear on the Unknown Traps page. The Unknown Traps page has a Configure Trap Events button to provide access to the Trap Event Editor, where you configure trap events for your particular network.
If you think you should receive an alert on a trap from a particular device, go to the Unknown Traps page and use the filters to search by the IP address of the device.
If a trap does not resolve to an OID name, then the MIB for the trap is not included in SevOne NMS. SevOne NMS still processes the trap, and the trap appears as an OID number instead of a name.
Access Lists
If you are having trouble getting SNMP data from a device, an access list is another possible cause. An SNMP access list can be used to limit SNMP data only to specific IP addresses. If you have confirmed that your SNMP settings in SevOne NMS are correct and that there are no issues with the devices that you are trying to get SNMP data from, make sure that SevOne NMS is not being excluded as a result of an access list configuration.
Terms
Authentication Protocol | A protocol used by one network entity to confirm its identity to another network identity. |
Community String | A text string that functions as a password and is used to authenticate messages sent between an SNMP agent and an SNMP manager. |
Localized Key | A secret key shared between a user and an SNMP engine. |
Protocol Data Unit (PDU) | A unit of data in a particular protocol layer. The unit represented by a PDU varies according to which layer of the OSI model it is in. For example, it is considered a frame in Layer 2 and a packet in Layer 3. |